On Sat, Jul 28, 2007 at 12:39:29AM +0200, Wouter Verhelst wrote:
> On Fri, Jul 27, 2007 at 08:48:26PM +0200, cobaco (aka Bart Cornelis) wrote:
> > Essentially the proposal allows non-DD maintainers (we have 900+, see the
> > thread starting at [1] for details) to upload their own packages IF AND
> > ONLY IF their sponsor has indicated agreement with that by having added
> > the "DM-Upload-Allowed: yes" in the control file of the previous upload.
> Actually, no. The proposal states that a DM can upload their own
> packages, and that any maintainer can allow DM NMUs by adding that field
> to the control file.
Uh, no, that's not what it states. It says:
---
The initial policy for the use of the Debian Maintainer keyring with
the Debian archive will be to accept uploads signed by a key in that
keyring provided:
* none of the uploaded packages are NEW
* the Maintainer: field of the uploaded .changes file corresponds
with the owner of the key used (ie, non-developer maintainers may
not sponsor uploads)
* none of the packages are being taken over from other source packages
* the most recent version of the package uploaded to unstable or
experimental includes the field "DM-Upload-Allowed: yes" in the
source section of its control file
* the most recent version of the package uploaded to unstable or
experimental lists the uploader in the Maintainer: or Uploaders:
fields (ie, non-developer maintainers cannot NMU or hijack packages)
* the usual checks applied to uploads from Debian developers pass
---
The "DM-Upload-Allowed" and "Maintainer/Uploaders" clauses both have to be
satisfied for every upload, as do all the others.
Cheers,
aj
Attachment:
signature.asc
Description: Digital signature